<?php
    get_header();
    global $user_ID;
    function password_not_correct(){
        echo "<div class='error'>**New password and new password confirm not invalid.</div>";
    }
    function password_empty(){
        echo "<div class='error'>**New password or password confirm is not empty.</div>";
    }
    function password_cf_empty(){
        echo "<div class='error'>**Password confirm is not empty.</div>";
    }
    function pwd_has_change(){
        echo "<div class='success'>**Your password has change, re-login with your new password!</div>";
    }
    function old_pwd_invalid(){
        echo "<div class='error'>**Old password is invalid.</div>";
    }
    function custom_wp_set_password($password,$user_id){
        global $wpdb;
        $hash = wp_hash_password( $password );
	$wpdb->update($wpdb->users, array('user_pass' => $hash, 'user_activation_key' => ''), array('ID' => $user_id) );
    }
?>
<?php 
                        if($_POST['action'] == 'change_pwd'){
                            $old_pwd = ($_POST['old_pwd']);
                            $new_pwd = $_POST['password_1'];
                            $new_pwd_cf = $_POST['password_2'];
                            $user_data = get_userdata($user_ID);

                            if (!user_pass_ok( $user_data->user_nicename, $old_pwd )) {
                                add_action('old_pwd','old_pwd_invalid');
                            }
                            if($new_pwd == '' || $new_pwd_cf == ''){
                                add_action('pwd_empty','password_empty');
                            }
                            else if($new_pwd != $new_pwd_cf){
                                add_action('pwd_not_correct','password_not_correct');
                            }else if(user_pass_ok( $user_data->user_nicename, $old_pwd ) && $new_pwd != '' && $new_pwd_cf != '' && $new_pwd == $new_pwd_cf){
                                custom_wp_set_password( $new_pwd, $user_ID );
                                add_action('change_success','pwd_has_change');
                            }
                        }
                    ?>
<div class="row-fluid">
    <div class="row-fluid content-sidebar">
        <div class="change-pwd-page">
            <div class="entry-header">
                <h1 class="entry-title">Change Password</h1>
            </div>
            <?php 
                if($user_ID){ ?>
                    <form method="post" id="wp_pass_change" class="change-pwd-form" action="">
                        <?php 
                            do_action('old_pwd');
                        ?>
                        <p class="form-row form-row-1">
                            <label for="old_pwd">Old password<span class="required">*</span></label>
                            <input type="password" class="input-text" name="old_pwd" id="old_pwd">
                        </p>
                        <?php 
                            do_action('pwd_not_correct');
                            do_action('pwd_empty');
                            do_action('change_success');
                        ?>
                        <p class="form-row-first">
                            <label for="password_1">New Password *</label>
                            <input type="password" class="input-text" name="password_1" id="password_1">
                        </p>
                        <p class="form-row-last">
                            <label for="password_2">Confirm new password *</label>
                            <input type="password" class="input-text" name="password_2" id="password_2">
                        </p>
                        <p>
                            <input type="hidden" name="action" value="change_pwd">
                            <input type="submit" class="button" name="save_account_details" value="Save changes">
                        </p>
                    </form>
                <?php }else { ?>
                    <p class="">Please Login and then change your password!</p>
                <?php }
            ?>
        </div>
    </div>
</div>
<?php
    get_footer();
?>